net/ipv6/ndisc.c

   1 /*
   2  *      Neighbour Discovery for IPv6
   3  *      Linux INET6 implementation
   4  *
   5  *      Authors:
   6  *      Pedro Roque             <roque@di.fc.ul.pt>
   7  *      Mike Shaver             <shaver@ingenia.com>
   8  *
   9  *      This program is free software; you can redistribute it and/or
  10  *      modify it under the terms of the GNU General Public License
  11  *      as published by the Free Software Foundation; either version
  12  *      2 of the License, or (at your option) any later version.
  13  */
  14
  15 /*
  16  *      Changes:
  17  *
  18  *      Pierre Ynard                    :       export userland ND options
  19  *                                              through netlink (RDNSS support)
  20  *      Lars Fenneberg                  :       fixed MTU setting on receipt
  21  *                                              of an RA.
  22  *      Janos Farkas                    :       kmalloc failure checks
  23  *      Alexey Kuznetsov                :       state machine reworked
  24  *                                              and moved to net/core.
  25  *      Pekka Savola                    :       RFC2461 validation
  26  *      YOSHIFUJI Hideaki @USAGI        :       Verify ND options properly
  27  */
  28
  29 /* Set to 3 to get tracing... */
  30 #define ND_DEBUG 1
  31
  32 #define ND_PRINTK(fmt, args...) do { if (net_ratelimit()) { printk(fmt, ## args); } } while(0)
  33 #define ND_NOPRINTK(x...) do { ; } while(0)
  34 #define ND_PRINTK0 ND_PRINTK
  35 #define ND_PRINTK1 ND_NOPRINTK
  36 #define ND_PRINTK2 ND_NOPRINTK
  37 #define ND_PRINTK3 ND_NOPRINTK
  38 #if ND_DEBUG >= 1
  39 #undef ND_PRINTK1
  40 #define ND_PRINTK1 ND_PRINTK
  41 #endif
  42 #if ND_DEBUG >= 2
  43 #undef ND_PRINTK2
  44 #define ND_PRINTK2 ND_PRINTK
  45 #endif
  46 #if ND_DEBUG >= 3
  47 #undef ND_PRINTK3
  48 #define ND_PRINTK3 ND_PRINTK
  49 #endif
  50
  51 #include <linux/module.h>
  52 #include <linux/errno.h>
  53 #include <linux/types.h>
  54 #include <linux/socket.h>
  55 #include <linux/sockios.h>
  56 #include <linux/sched.h>
  57 #include <linux/net.h>
  58 #include <linux/in6.h>
  59 #include <linux/route.h>
  60 #include <linux/init.h>
  61 #include <linux/rcupdate.h>
  62 #include <linux/slab.h>
  63 #ifdef CONFIG_SYSCTL
  64 #include <linux/sysctl.h>
  65 #endif
  66
  67 #include <linux/if_addr.h>
  68 #include <linux/if_arp.h>
  69 #include <linux/ipv6.h>
  70 #include <linux/icmpv6.h>
  71 #include <linux/jhash.h>
  72
  73 #include <net/sock.h>
  74 #include <net/snmp.h>
  75
  76 #include <net/ipv6.h>
  77 #include <net/protocol.h>
  78 #include <net/ndisc.h>
  79 #include <net/ip6_route.h>
  80 #include <net/addrconf.h>
  81 #include <net/icmp.h>
  82
  83 #include <net/netlink.h>
  84 #include <linux/rtnetlink.h>
  85
  86 #include <net/flow.h>
  87 #include <net/ip6_checksum.h>
  88 #include <net/inet_common.h>
  89 #include <linux/proc_fs.h>
  90
  91 #include <linux/netfilter.h>
  92 #include <linux/netfilter_ipv6.h>
  93
  94 static u32 ndisc_hash(const void *pkey, const struct net_device *dev);
  95 static int ndisc_constructor(struct neighbour *neigh);
  96 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb);
  97 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb);
  98 static int pndisc_constructor(struct pneigh_entry *n);
  99 static void pndisc_destructor(struct pneigh_entry *n);
 100 static void pndisc_redo(struct sk_buff *skb);
 101
 102 static const struct neigh_ops ndisc_generic_ops = {
 103         .family =               AF_INET6,
 104         .solicit =              ndisc_solicit,
 105         .error_report =         ndisc_error_report,
 106         .output =               neigh_resolve_output,
 107         .connected_output =     neigh_connected_output,
 108         .hh_output =            dev_queue_xmit,
 109         .queue_xmit =           dev_queue_xmit,
 110 };
 111
 112 static const struct neigh_ops ndisc_hh_ops = {
 113         .family =               AF_INET6,
 114         .solicit =              ndisc_solicit,
 115         .error_report =         ndisc_error_report,
 116         .output =               neigh_resolve_output,
 117         .connected_output =     neigh_resolve_output,
 118         .hh_output =            dev_queue_xmit,
 119         .queue_xmit =           dev_queue_xmit,
 120 };
 121
 122
 123 static const struct neigh_ops ndisc_direct_ops = {
 124         .family =               AF_INET6,
 125         .output =               dev_queue_xmit,
 126         .connected_output =     dev_queue_xmit,
 127         .hh_output =            dev_queue_xmit,
 128         .queue_xmit =           dev_queue_xmit,
 129 };
 130
 131 struct neigh_table nd_tbl = {
 132         .family =       AF_INET6,
 133         .entry_size =   sizeof(struct neighbour) + sizeof(struct in6_addr),
 134         .key_len =      sizeof(struct in6_addr),
 135         .hash =         ndisc_hash,
 136         .constructor =  ndisc_constructor,
 137         .pconstructor = pndisc_constructor,
 138         .pdestructor =  pndisc_destructor,
 139         .proxy_redo =   pndisc_redo,
 140         .id =           "ndisc_cache",
 141         .parms = {
 142                 .tbl =                  &nd_tbl,
 143                 .base_reachable_time =  30 * HZ,
 144                 .retrans_time =  1 * HZ,
 145                 .gc_staletime = 60 * HZ,
 146                 .reachable_time =               30 * HZ,
 147                 .delay_probe_time =      5 * HZ,
 148                 .queue_len =             3,
 149                 .ucast_probes =  3,
 150                 .mcast_probes =  3,
 151                 .anycast_delay =         1 * HZ,
 152                 .proxy_delay =          (8 * HZ) / 10,
 153                 .proxy_qlen =           64,
 154         },
 155         .gc_interval =    30 * HZ,
 156         .gc_thresh1 =    128,
 157         .gc_thresh2 =    512,
 158         .gc_thresh3 =   1024,
 159 };
 160
 161 /* ND options */
 162 struct ndisc_options {
 163         struct nd_opt_hdr *nd_opt_array[__ND_OPT_ARRAY_MAX];
 164 #ifdef CONFIG_IPV6_ROUTE_INFO
 165         struct nd_opt_hdr *nd_opts_ri;
 166         struct nd_opt_hdr *nd_opts_ri_end;
 167 #endif
 168         struct nd_opt_hdr *nd_useropts;
 169         struct nd_opt_hdr *nd_useropts_end;
 170 };
 171
 172 #define nd_opts_src_lladdr      nd_opt_array[ND_OPT_SOURCE_LL_ADDR]
 173 #define nd_opts_tgt_lladdr      nd_opt_array[ND_OPT_TARGET_LL_ADDR]
 174 #define nd_opts_pi              nd_opt_array[ND_OPT_PREFIX_INFO]
 175 #define nd_opts_pi_end          nd_opt_array[__ND_OPT_PREFIX_INFO_END]
 176 #define nd_opts_rh              nd_opt_array[ND_OPT_REDIRECT_HDR]
 177 #define nd_opts_mtu             nd_opt_array[ND_OPT_MTU]
 178
 179 #define NDISC_OPT_SPACE(len) (((len)+2+7)&~7)
 180
 181 /*
 182  * Return the padding between the option length and the start of the
 183  * link addr.  Currently only IP-over-InfiniBand needs this, although
 184  * if RFC 3831 IPv6-over-Fibre Channel is ever implemented it may
 185  * also need a pad of 2.
 186  */
 187 static int ndisc_addr_option_pad(unsigned short type)
 188 {
 189         switch (type) {
 190         case ARPHRD_INFINIBAND: return 2;
 191         default:                return 0;
 192         }
 193 }
 194
 195 static inline int ndisc_opt_addr_space(struct net_device *dev)
 196 {
 197         return NDISC_OPT_SPACE(dev->addr_len + ndisc_addr_option_pad(dev->type));
 198 }
 199
 200 static u8 *ndisc_fill_addr_option(u8 *opt, int type, void *data, int data_len,
 201                                   unsigned short addr_type)
 202 {
 203         int space = NDISC_OPT_SPACE(data_len);
 204         int pad   = ndisc_addr_option_pad(addr_type);
 205
 206         opt[0] = type;
 207         opt[1] = space>>3;
 208
 209         memset(opt + 2, 0, pad);
 210         opt   += pad;
 211         space -= pad;
 212
 213         memcpy(opt+2, data, data_len);
 214         data_len += 2;
 215         opt += data_len;
 216         if ((space -= data_len) > 0)
 217                 memset(opt, 0, space);
 218         return opt + space;
 219 }
 220
 221 static struct nd_opt_hdr *ndisc_next_option(struct nd_opt_hdr *cur,
 222                                             struct nd_opt_hdr *end)
 223 {
 224         int type;
 225         if (!cur || !end || cur >= end)
 226                 return NULL;
 227         type = cur->nd_opt_type;
 228         do {
 229                 cur = ((void *)cur) + (cur->nd_opt_len << 3);
 230         } while(cur < end && cur->nd_opt_type != type);
 231         return (cur <= end && cur->nd_opt_type == type ? cur : NULL);
 232 }
 233
 234 static inline int ndisc_is_useropt(struct nd_opt_hdr *opt)
 235 {
 236         return (opt->nd_opt_type == ND_OPT_RDNSS);
 237 }
 238
 239 static struct nd_opt_hdr *ndisc_next_useropt(struct nd_opt_hdr *cur,
 240                                              struct nd_opt_hdr *end)
 241 {
 242         if (!cur || !end || cur >= end)
 243                 return NULL;
 244         do {
 245                 cur = ((void *)cur) + (cur->nd_opt_len << 3);
 246         } while(cur < end && !ndisc_is_useropt(cur));
 247         return (cur <= end && ndisc_is_useropt(cur) ? cur : NULL);
 248 }
 249
 250 static struct ndisc_options *ndisc_parse_options(u8 *opt, int opt_len,
 251                                                  struct ndisc_options *ndopts)
 252 {
 253         struct nd_opt_hdr *nd_opt = (struct nd_opt_hdr *)opt;
 254
 255         if (!nd_opt || opt_len < 0 || !ndopts)
 256                 return NULL;
 257         memset(ndopts, 0, sizeof(*ndopts));
 258         while (opt_len) {
 259                 int l;
 260                 if (opt_len < sizeof(struct nd_opt_hdr))
 261                         return NULL;
 262                 l = nd_opt->nd_opt_len << 3;
 263                 if (opt_len < l || l == 0)
 264                         return NULL;
 265                 switch (nd_opt->nd_opt_type) {
 266                 case ND_OPT_SOURCE_LL_ADDR:
 267                 case ND_OPT_TARGET_LL_ADDR:
 268                 case ND_OPT_MTU:
 269                 case ND_OPT_REDIRECT_HDR:
 270                         if (ndopts->nd_opt_array[nd_opt->nd_opt_type]) {
 271                                 ND_PRINTK2(KERN_WARNING
 272                                            "%s(): duplicated ND6 option found: type=%d\n",
 273                                            __func__,
 274                                            nd_opt->nd_opt_type);
 275                         } else {
 276                                 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
 277                         }
 278                         break;
 279                 case ND_OPT_PREFIX_INFO:
 280                         ndopts->nd_opts_pi_end = nd_opt;
 281                         if (!ndopts->nd_opt_array[nd_opt->nd_opt_type])
 282                                 ndopts->nd_opt_array[nd_opt->nd_opt_type] = nd_opt;
 283                         break;
 284 #ifdef CONFIG_IPV6_ROUTE_INFO
 285                 case ND_OPT_ROUTE_INFO:
 286                         ndopts->nd_opts_ri_end = nd_opt;
 287                         if (!ndopts->nd_opts_ri)
 288                                 ndopts->nd_opts_ri = nd_opt;
 289                         break;
 290 #endif
 291                 default:
 292                         if (ndisc_is_useropt(nd_opt)) {
 293                                 ndopts->nd_useropts_end = nd_opt;
 294                                 if (!ndopts->nd_useropts)
 295                                         ndopts->nd_useropts = nd_opt;
 296                         } else {
 297                                 /*
 298                                  * Unknown options must be silently ignored,
 299                                  * to accommodate future extension to the
 300                                  * protocol.
 301                                  */
 302                                 ND_PRINTK2(KERN_NOTICE
 303                                            "%s(): ignored unsupported option; type=%d, len=%d\n",
 304                                            __func__,
 305                                            nd_opt->nd_opt_type, nd_opt->nd_opt_len);
 306                         }
 307                 }
 308                 opt_len -= l;
 309                 nd_opt = ((void *)nd_opt) + l;
 310         }
 311         return ndopts;
 312 }
 313
 314 static inline u8 *ndisc_opt_addr_data(struct nd_opt_hdr *p,
 315                                       struct net_device *dev)
 316 {
 317         u8 *lladdr = (u8 *)(p + 1);
 318         int lladdrlen = p->nd_opt_len << 3;
 319         int prepad = ndisc_addr_option_pad(dev->type);
 320         if (lladdrlen != NDISC_OPT_SPACE(dev->addr_len + prepad))
 321                 return NULL;
 322         return (lladdr + prepad);
 323 }
 324
 325 int ndisc_mc_map(struct in6_addr *addr, char *buf, struct net_device *dev, int dir)
 326 {
 327         switch (dev->type) {
 328         case ARPHRD_ETHER:
 329         case ARPHRD_IEEE802:    /* Not sure. Check it later. --ANK */
 330         case ARPHRD_FDDI:
 331                 ipv6_eth_mc_map(addr, buf);
 332                 return 0;
 333         case ARPHRD_IEEE802_TR:
 334                 ipv6_tr_mc_map(addr,buf);
 335                 return 0;
 336         case ARPHRD_ARCNET:
 337                 ipv6_arcnet_mc_map(addr, buf);
 338                 return 0;
 339         case ARPHRD_INFINIBAND:
 340                 ipv6_ib_mc_map(addr, dev->broadcast, buf);
 341                 return 0;
 342         default:
 343                 if (dir) {
 344                         memcpy(buf, dev->broadcast, dev->addr_len);
 345                         return 0;
 346                 }
 347         }
 348         return -EINVAL;
 349 }
 350
 351 EXPORT_SYMBOL(ndisc_mc_map);
 352
 353 static u32 ndisc_hash(const void *pkey, const struct net_device *dev)
 354 {
 355         const u32 *p32 = pkey;
 356         u32 addr_hash, i;
 357
 358         addr_hash = 0;
 359         for (i = 0; i < (sizeof(struct in6_addr) / sizeof(u32)); i++)
 360                 addr_hash ^= *p32++;
 361
 362         return jhash_2words(addr_hash, dev->ifindex, nd_tbl.hash_rnd);
 363 }
 364
 365 static int ndisc_constructor(struct neighbour *neigh)
 366 {
 367         struct in6_addr *addr = (struct in6_addr*)&neigh->primary_key;
 368         struct net_device *dev = neigh->dev;
 369         struct inet6_dev *in6_dev;
 370         struct neigh_parms *parms;
 371         int is_multicast = ipv6_addr_is_multicast(addr);
 372
 373         rcu_read_lock();
 374         in6_dev = in6_dev_get(dev);
 375         if (in6_dev == NULL) {
 376                 rcu_read_unlock();
 377                 return -EINVAL;
 378         }
 379
 380         parms = in6_dev->nd_parms;
 381         __neigh_parms_put(neigh->parms);
 382         neigh->parms = neigh_parms_clone(parms);
 383         rcu_read_unlock();
 384
 385         neigh->type = is_multicast ? RTN_MULTICAST : RTN_UNICAST;
 386         if (!dev->header_ops) {
 387                 neigh->nud_state = NUD_NOARP;
 388                 neigh->ops = &ndisc_direct_ops;
 389                 neigh->output = neigh->ops->queue_xmit;
 390         } else {
 391                 if (is_multicast) {
 392                         neigh->nud_state = NUD_NOARP;
 393                         ndisc_mc_map(addr, neigh->ha, dev, 1);
 394                 } else if (dev->flags&(IFF_NOARP|IFF_LOOPBACK)) {
 395                         neigh->nud_state = NUD_NOARP;
 396                         memcpy(neigh->ha, dev->dev_addr, dev->addr_len);
 397                         if (dev->flags&IFF_LOOPBACK)
 398                                 neigh->type = RTN_LOCAL;
 399                 } else if (dev->flags&IFF_POINTOPOINT) {
 400                         neigh->nud_state = NUD_NOARP;
 401                         memcpy(neigh->ha, dev->broadcast, dev->addr_len);
 402                 }
 403                 if (dev->header_ops->cache)
 404                         neigh->ops = &ndisc_hh_ops;
 405                 else
 406                         neigh->ops = &ndisc_generic_ops;
 407                 if (neigh->nud_state&NUD_VALID)
 408                         neigh->output = neigh->ops->connected_output;
 409                 else
 410                         neigh->output = neigh->ops->output;
 411         }
 412         in6_dev_put(in6_dev);
 413         return 0;
 414 }
 415
 416 static int pndisc_constructor(struct pneigh_entry *n)
 417 {
 418         struct in6_addr *addr = (struct in6_addr*)&n->key;
 419         struct in6_addr maddr;
 420         struct net_device *dev = n->dev;
 421
 422         if (dev == NULL || __in6_dev_get(dev) == NULL)
 423                 return -EINVAL;
 424         addrconf_addr_solict_mult(addr, &maddr);
 425         ipv6_dev_mc_inc(dev, &maddr);
 426         return 0;
 427 }
 428
 429 static void pndisc_destructor(struct pneigh_entry *n)
 430 {
 431         struct in6_addr *addr = (struct in6_addr*)&n->key;
 432         struct in6_addr maddr;
 433         struct net_device *dev = n->dev;
 434
 435         if (dev == NULL || __in6_dev_get(dev) == NULL)
 436                 return;
 437         addrconf_addr_solict_mult(addr, &maddr);
 438         ipv6_dev_mc_dec(dev, &maddr);
 439 }
 440
 441 struct sk_buff *ndisc_build_skb(struct net_device *dev,
 442                                 const struct in6_addr *daddr,
 443                                 const struct in6_addr *saddr,
 444                                 struct icmp6hdr *icmp6h,
 445                                 const struct in6_addr *target,
 446                                 int llinfo)
 447 {
 448         struct net *net = dev_net(dev);
 449         struct sock *sk = net->ipv6.ndisc_sk;
 450         struct sk_buff *skb;
 451         struct icmp6hdr *hdr;
 452         int len;
 453         int err;
 454         u8 *opt;
 455
 456         if (!dev->addr_len)
 457                 llinfo = 0;
 458
 459         len = sizeof(struct icmp6hdr) + (target ? sizeof(*target) : 0);
 460         if (llinfo)
 461                 len += ndisc_opt_addr_space(dev);
 462
 463         skb = sock_alloc_send_skb(sk,
 464                                   (MAX_HEADER + sizeof(struct ipv6hdr) +
 465                                    len + LL_ALLOCATED_SPACE(dev)),
 466                                   1, &err);
 467         if (!skb) {
 468                 ND_PRINTK0(KERN_ERR
 469                            "ICMPv6 ND: %s() failed to allocate an skb, err=%d.\n",
 470                            __func__, err);
 471                 return NULL;
 472         }
 473
 474         skb_reserve(skb, LL_RESERVED_SPACE(dev));
 475         ip6_nd_hdr(sk, skb, dev, saddr, daddr, IPPROTO_ICMPV6, len);
 476
 477         skb->transport_header = skb->tail;
 478         skb_put(skb, len);
 479
 480         hdr = (struct icmp6hdr *)skb_transport_header(skb);
 481         memcpy(hdr, icmp6h, sizeof(*hdr));
 482
 483         opt = skb_transport_header(skb) + sizeof(struct icmp6hdr);
 484         if (target) {
 485                 ipv6_addr_copy((struct in6_addr *)opt, target);
 486                 opt += sizeof(*target);
 487         }
 488
 489         if (llinfo)
 490                 ndisc_fill_addr_option(opt, llinfo, dev->dev_addr,
 491                                        dev->addr_len, dev->type);
 492
 493         hdr->icmp6_cksum = csum_ipv6_magic(saddr, daddr, len,
 494                                            IPPROTO_ICMPV6,
 495                                            csum_partial(hdr,
 496                                                         len, 0));
 497
 498         return skb;
 499 }
 500
 501 EXPORT_SYMBOL(ndisc_build_skb);
 502
 503 void ndisc_send_skb(struct sk_buff *skb,
 504                     struct net_device *dev,
 505                     struct neighbour *neigh,
 506                     const struct in6_addr *daddr,
 507                     const struct in6_addr *saddr,
 508                     struct icmp6hdr *icmp6h)
 509 {
 510         struct flowi fl;
 511         struct dst_entry *dst;
 512         struct net *net = dev_net(dev);
 513         struct sock *sk = net->ipv6.ndisc_sk;
 514         struct inet6_dev *idev;
 515         int err;
 516         u8 type;
 517
 518         type = icmp6h->icmp6_type;
 519
 520         icmpv6_flow_init(sk, &fl, type, saddr, daddr, dev->ifindex);
 521
 522         dst = icmp6_dst_alloc(dev, neigh, daddr);
 523         if (!dst) {
 524                 kfree_skb(skb);
 525                 return;
 526         }
 527
 528         err = xfrm_lookup(net, &dst, &fl, NULL, 0);
 529         if (err < 0) {
 530                 kfree_skb(skb);
 531                 return;
 532         }
 533
 534         skb_dst_set(skb, dst);
 535
 536         idev = in6_dev_get(dst->dev);
 537         IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
 538
 539         err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, skb, NULL, dst->dev,
 540                       dst_output);
 541         if (!err) {
 542                 ICMP6MSGOUT_INC_STATS(net, idev, type);
 543                 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
 544         }
 545
 546         if (likely(idev != NULL))
 547                 in6_dev_put(idev);
 548 }
 549
 550 EXPORT_SYMBOL(ndisc_send_skb);
 551
 552 /*
 553  *      Send a Neighbour Discover packet
 554  */
 555 static void __ndisc_send(struct net_device *dev,
 556                          struct neighbour *neigh,
 557                          const struct in6_addr *daddr,
 558                          const struct in6_addr *saddr,
 559                          struct icmp6hdr *icmp6h, const struct in6_addr *target,
 560                          int llinfo)
 561 {
 562         struct sk_buff *skb;
 563
 564         skb = ndisc_build_skb(dev, daddr, saddr, icmp6h, target, llinfo);
 565         if (!skb)
 566                 return;
 567
 568         ndisc_send_skb(skb, dev, neigh, daddr, saddr, icmp6h);
 569 }
 570
 571 static void ndisc_send_na(struct net_device *dev, struct neighbour *neigh,
 572                           const struct in6_addr *daddr,
 573                           const struct in6_addr *solicited_addr,
 574                           int router, int solicited, int override, int inc_opt)
 575 {
 576         struct in6_addr tmpaddr;
 577         struct inet6_ifaddr *ifp;
 578         const struct in6_addr *src_addr;
 579         struct icmp6hdr icmp6h = {
 580                 .icmp6_type = NDISC_NEIGHBOUR_ADVERTISEMENT,
 581         };
 582
 583         /* for anycast or proxy, solicited_addr != src_addr */
 584         ifp = ipv6_get_ifaddr(dev_net(dev), solicited_addr, dev, 1);
 585         if (ifp) {
 586                 src_addr = solicited_addr;
 587                 if (ifp->flags & IFA_F_OPTIMISTIC)
 588                         override = 0;
 589                 inc_opt |= ifp->idev->cnf.force_tllao;
 590                 in6_ifa_put(ifp);
 591         } else {
 592                 if (ipv6_dev_get_saddr(dev_net(dev), dev, daddr,
 593                                        inet6_sk(dev_net(dev)->ipv6.ndisc_sk)->srcprefs,
 594                                        &tmpaddr))
 595                         return;
 596                 src_addr = &tmpaddr;
 597         }
 598
 599         icmp6h.icmp6_router = router;
 600         icmp6h.icmp6_solicited = solicited;
 601         icmp6h.icmp6_override = override;
 602
 603         __ndisc_send(dev, neigh, daddr, src_addr,
 604                      &icmp6h, solicited_addr,
 605                      inc_opt ? ND_OPT_TARGET_LL_ADDR : 0);
 606 }
 607
 608 void ndisc_send_ns(struct net_device *dev, struct neighbour *neigh,
 609                    const struct in6_addr *solicit,
 610                    const struct in6_addr *daddr, const struct in6_addr *saddr)
 611 {
 612         struct in6_addr addr_buf;
 613         struct icmp6hdr icmp6h = {
 614                 .icmp6_type = NDISC_NEIGHBOUR_SOLICITATION,
 615         };
 616
 617         if (saddr == NULL) {
 618                 if (ipv6_get_lladdr(dev, &addr_buf,
 619                                    (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)))
 620                         return;
 621                 saddr = &addr_buf;
 622         }
 623
 624         __ndisc_send(dev, neigh, daddr, saddr,
 625                      &icmp6h, solicit,
 626                      !ipv6_addr_any(saddr) ? ND_OPT_SOURCE_LL_ADDR : 0);
 627 }
 628
 629 void ndisc_send_rs(struct net_device *dev, const struct in6_addr *saddr,
 630                    const struct in6_addr *daddr)
 631 {
 632         struct icmp6hdr icmp6h = {
 633                 .icmp6_type = NDISC_ROUTER_SOLICITATION,
 634         };
 635         int send_sllao = dev->addr_len;
 636
 637 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
 638         /*
 639          * According to section 2.2 of RFC 4429, we must not
 640          * send router solicitations with a sllao from
 641          * optimistic addresses, but we may send the solicitation
 642          * if we don't include the sllao.  So here we check
 643          * if our address is optimistic, and if so, we
 644          * suppress the inclusion of the sllao.
 645          */
 646         if (send_sllao) {
 647                 struct inet6_ifaddr *ifp = ipv6_get_ifaddr(dev_net(dev), saddr,
 648                                                            dev, 1);
 649                 if (ifp) {
 650                         if (ifp->flags & IFA_F_OPTIMISTIC)  {
 651                                 send_sllao = 0;
 652                         }
 653                         in6_ifa_put(ifp);
 654                 } else {
 655                         send_sllao = 0;
 656                 }
 657         }
 658 #endif
 659         __ndisc_send(dev, NULL, daddr, saddr,
 660                      &icmp6h, NULL,
 661                      send_sllao ? ND_OPT_SOURCE_LL_ADDR : 0);
 662 }
 663
 664
 665 static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb)
 666 {
 667         /*
 668          *      "The sender MUST return an ICMP
 669          *       destination unreachable"
 670          */
 671         dst_link_failure(skb);
 672         kfree_skb(skb);
 673 }
 674
 675 /* Called with locked neigh: either read or both */
 676
 677 static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb)
 678 {
 679         struct in6_addr *saddr = NULL;
 680         struct in6_addr mcaddr;
 681         struct net_device *dev = neigh->dev;
 682         struct in6_addr *target = (struct in6_addr *)&neigh->primary_key;
 683         int probes = atomic_read(&neigh->probes);
 684
 685         if (skb && ipv6_chk_addr(dev_net(dev), &ipv6_hdr(skb)->saddr, dev, 1))
 686                 saddr = &ipv6_hdr(skb)->saddr;
 687
 688         if ((probes -= neigh->parms->ucast_probes) < 0) {
 689                 if (!(neigh->nud_state & NUD_VALID)) {
 690                         ND_PRINTK1(KERN_DEBUG "%s(): trying to ucast probe in NUD_INVALID: %pI6\n",
 691                                    __func__, target);
 692                 }
 693                 ndisc_send_ns(dev, neigh, target, target, saddr);
 694         } else if ((probes -= neigh->parms->app_probes) < 0) {
 695 #ifdef CONFIG_ARPD
 696                 neigh_app_ns(neigh);
 697 #endif
 698         } else {
 699                 addrconf_addr_solict_mult(target, &mcaddr);
 700                 ndisc_send_ns(dev, NULL, target, &mcaddr, saddr);
 701         }
 702 }
 703
 704 static int pndisc_is_router(const void *pkey,
 705                             struct net_device *dev)
 706 {
 707         struct pneigh_entry *n;
 708         int ret = -1;
 709
 710         read_lock_bh(&nd_tbl.lock);
 711         n = __pneigh_lookup(&nd_tbl, dev_net(dev), pkey, dev);
 712         if (n)
 713                 ret = !!(n->flags & NTF_ROUTER);
 714         read_unlock_bh(&nd_tbl.lock);
 715
 716         return ret;
 717 }
 718
 719 static void ndisc_recv_ns(struct sk_buff *skb)
 720 {
 721         struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
 722         struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
 723         struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
 724         u8 *lladdr = NULL;
 725         u32 ndoptlen = skb->tail - (skb->transport_header +
 726                                     offsetof(struct nd_msg, opt));
 727         struct ndisc_options ndopts;
 728         struct net_device *dev = skb->dev;
 729         struct inet6_ifaddr *ifp;
 730         struct inet6_dev *idev = NULL;
 731         struct neighbour *neigh;
 732         int dad = ipv6_addr_any(saddr);
 733         int inc;
 734         int is_router = -1;
 735
 736         if (ipv6_addr_is_multicast(&msg->target)) {
 737                 ND_PRINTK2(KERN_WARNING
 738                            "ICMPv6 NS: multicast target address");
 739                 return;
 740         }
 741
 742         /*
 743          * RFC2461 7.1.1:
 744          * DAD has to be destined for solicited node multicast address.
 745          */
 746         if (dad &&
 747             !(daddr->s6_addr32[0] == htonl(0xff020000) &&
 748               daddr->s6_addr32[1] == htonl(0x00000000) &&
 749               daddr->s6_addr32[2] == htonl(0x00000001) &&
 750               daddr->s6_addr [12] == 0xff )) {
 751                 ND_PRINTK2(KERN_WARNING
 752                            "ICMPv6 NS: bad DAD packet (wrong destination)\n");
 753                 return;
 754         }
 755
 756         if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
 757                 ND_PRINTK2(KERN_WARNING
 758                            "ICMPv6 NS: invalid ND options\n");
 759                 return;
 760         }
 761
 762         if (ndopts.nd_opts_src_lladdr) {
 763                 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr, dev);
 764                 if (!lladdr) {
 765                         ND_PRINTK2(KERN_WARNING
 766                                    "ICMPv6 NS: invalid link-layer address length\n");
 767                         return;
 768                 }
 769
 770                 /* RFC2461 7.1.1:
 771                  *      If the IP source address is the unspecified address,
 772                  *      there MUST NOT be source link-layer address option
 773                  *      in the message.
 774                  */
 775                 if (dad) {
 776                         ND_PRINTK2(KERN_WARNING
 777                                    "ICMPv6 NS: bad DAD packet (link-layer address option)\n");
 778                         return;
 779                 }
 780         }
 781
 782         inc = ipv6_addr_is_multicast(daddr);
 783
 784         ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
 785         if (ifp) {
 786
 787                 if (ifp->flags & (IFA_F_TENTATIVE|IFA_F_OPTIMISTIC)) {
 788                         if (dad) {
 789                                 if (dev->type == ARPHRD_IEEE802_TR) {
 790                                         const unsigned char *sadr;
 791                                         sadr = skb_mac_header(skb);
 792                                         if (((sadr[8] ^ dev->dev_addr[0]) & 0x7f) == 0 &&
 793                                             sadr[9] == dev->dev_addr[1] &&
 794                                             sadr[10] == dev->dev_addr[2] &&
 795                                             sadr[11] == dev->dev_addr[3] &&
 796                                             sadr[12] == dev->dev_addr[4] &&
 797                                             sadr[13] == dev->dev_addr[5]) {
 798                                                 /* looped-back to us */
 799                                                 goto out;
 800                                         }
 801                                 }
 802
 803                                 /*
 804                                  * We are colliding with another node
 805                                  * who is doing DAD
 806                                  * so fail our DAD process
 807                                  */
 808                                 addrconf_dad_failure(ifp);
 809                                 return;
 810                         } else {
 811                                 /*
 812                                  * This is not a dad solicitation.
 813                                  * If we are an optimistic node,
 814                                  * we should respond.
 815                                  * Otherwise, we should ignore it.
 816                                  */
 817                                 if (!(ifp->flags & IFA_F_OPTIMISTIC))
 818                                         goto out;
 819                         }
 820                 }
 821
 822                 idev = ifp->idev;
 823         } else {
 824                 struct net *net = dev_net(dev);
 825
 826                 idev = in6_dev_get(dev);
 827                 if (!idev) {
 828                         /* XXX: count this drop? */
 829                         return;
 830                 }
 831
 832                 if (ipv6_chk_acast_addr(net, dev, &msg->target) ||
 833                     (idev->cnf.forwarding &&
 834                      (net->ipv6.devconf_all->proxy_ndp || idev->cnf.proxy_ndp) &&
 835                      (is_router = pndisc_is_router(&msg->target, dev)) >= 0)) {
 836                         if (!(NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED) &&
 837                             skb->pkt_type != PACKET_HOST &&
 838                             inc != 0 &&
 839                             idev->nd_parms->proxy_delay != 0) {
 840                                 /*
 841                                  * for anycast or proxy,
 842                                  * sender should delay its response
 843                                  * by a random time between 0 and
 844                                  * MAX_ANYCAST_DELAY_TIME seconds.
 845                                  * (RFC2461) -- yoshfuji
 846                                  */
 847                                 struct sk_buff *n = skb_clone(skb, GFP_ATOMIC);
 848                                 if (n)
 849                                         pneigh_enqueue(&nd_tbl, idev->nd_parms, n);
 850                                 goto out;
 851                         }
 852                 } else
 853                         goto out;
 854         }
 855
 856         if (is_router < 0)
 857                 is_router = !!idev->cnf.forwarding;
 858
 859         if (dad) {
 860                 ndisc_send_na(dev, NULL, &in6addr_linklocal_allnodes, &msg->target,
 861                               is_router, 0, (ifp != NULL), 1);
 862                 goto out;
 863         }
 864
 865         if (inc)
 866                 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_mcast);
 867         else
 868                 NEIGH_CACHE_STAT_INC(&nd_tbl, rcv_probes_ucast);
 869
 870         /*
 871          *      update / create cache entry
 872          *      for the source address
 873          */
 874         neigh = __neigh_lookup(&nd_tbl, saddr, dev,
 875                                !inc || lladdr || !dev->addr_len);
 876         if (neigh)
 877                 neigh_update(neigh, lladdr, NUD_STALE,
 878                              NEIGH_UPDATE_F_WEAK_OVERRIDE|
 879                              NEIGH_UPDATE_F_OVERRIDE);
 880         if (neigh || !dev->header_ops) {
 881                 ndisc_send_na(dev, neigh, saddr, &msg->target,
 882                               is_router,
 883                               1, (ifp != NULL && inc), inc);
 884                 if (neigh)
 885                         neigh_release(neigh);
 886         }
 887
 888 out:
 889         if (ifp)
 890                 in6_ifa_put(ifp);
 891         else
 892                 in6_dev_put(idev);
 893 }
 894
 895 static void ndisc_recv_na(struct sk_buff *skb)
 896 {
 897         struct nd_msg *msg = (struct nd_msg *)skb_transport_header(skb);
 898         struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
 899         struct in6_addr *daddr = &ipv6_hdr(skb)->daddr;
 900         u8 *lladdr = NULL;
 901         u32 ndoptlen = skb->tail - (skb->transport_header +
 902                                     offsetof(struct nd_msg, opt));
 903         struct ndisc_options ndopts;
 904         struct net_device *dev = skb->dev;
 905         struct inet6_ifaddr *ifp;
 906         struct neighbour *neigh;
 907
 908         if (skb->len < sizeof(struct nd_msg)) {
 909                 ND_PRINTK2(KERN_WARNING
 910                            "ICMPv6 NA: packet too short\n");
 911                 return;
 912         }
 913
 914         if (ipv6_addr_is_multicast(&msg->target)) {
 915                 ND_PRINTK2(KERN_WARNING
 916                            "ICMPv6 NA: target address is multicast.\n");
 917                 return;
 918         }
 919
 920         if (ipv6_addr_is_multicast(daddr) &&
 921             msg->icmph.icmp6_solicited) {
 922                 ND_PRINTK2(KERN_WARNING
 923                            "ICMPv6 NA: solicited NA is multicasted.\n");
 924                 return;
 925         }
 926
 927         if (!ndisc_parse_options(msg->opt, ndoptlen, &ndopts)) {
 928                 ND_PRINTK2(KERN_WARNING
 929                            "ICMPv6 NS: invalid ND option\n");
 930                 return;
 931         }
 932         if (ndopts.nd_opts_tgt_lladdr) {
 933                 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr, dev);
 934                 if (!lladdr) {
 935                         ND_PRINTK2(KERN_WARNING
 936                                    "ICMPv6 NA: invalid link-layer address length\n");
 937                         return;
 938                 }
 939         }
 940         ifp = ipv6_get_ifaddr(dev_net(dev), &msg->target, dev, 1);
 941         if (ifp) {
 942                 if (ifp->flags & IFA_F_TENTATIVE) {
 943                         addrconf_dad_failure(ifp);
 944                         return;
 945                 }
 946                 /* What should we make now? The advertisement
 947                    is invalid, but ndisc specs say nothing
 948                    about it. It could be misconfiguration, or
 949                    an smart proxy agent tries to help us :-)
 950
 951                    We should not print the error if NA has been
 952                    received from loopback - it is just our own
 953                    unsolicited advertisement.
 954                  */
 955                 if (skb->pkt_type != PACKET_LOOPBACK)
 956                         ND_PRINTK1(KERN_WARNING
 957                            "ICMPv6 NA: someone advertises our address %pI6 on %s!\n",
 958                            &ifp->addr, ifp->idev->dev->name);
 959                 in6_ifa_put(ifp);
 960                 return;
 961         }
 962         neigh = neigh_lookup(&nd_tbl, &msg->target, dev);
 963
 964         if (neigh) {
 965                 u8 old_flags = neigh->flags;
 966                 struct net *net = dev_net(dev);
 967
 968                 if (neigh->nud_state & NUD_FAILED)
 969                         goto out;
 970
 971                 /*
 972                  * Don't update the neighbor cache entry on a proxy NA from
 973                  * ourselves because either the proxied node is off link or it
 974                  * has already sent a NA to us.
 975                  */
 976                 if (lladdr && !memcmp(lladdr, dev->dev_addr, dev->addr_len) &&
 977                     net->ipv6.devconf_all->forwarding && net->ipv6.devconf_all->proxy_ndp &&
 978                     pneigh_lookup(&nd_tbl, net, &msg->target, dev, 0)) {
 979                         /* XXX: idev->cnf.prixy_ndp */
 980                         goto out;
 981                 }
 982
 983                 neigh_update(neigh, lladdr,
 984                              msg->icmph.icmp6_solicited ? NUD_REACHABLE : NUD_STALE,
 985                              NEIGH_UPDATE_F_WEAK_OVERRIDE|
 986                              (msg->icmph.icmp6_override ? NEIGH_UPDATE_F_OVERRIDE : 0)|
 987                              NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
 988                              (msg->icmph.icmp6_router ? NEIGH_UPDATE_F_ISROUTER : 0));
 989
 990                 if ((old_flags & ~neigh->flags) & NTF_ROUTER) {
 991                         /*
 992                          * Change: router to host
 993                          */
 994                         struct rt6_info *rt;
 995                         rt = rt6_get_dflt_router(saddr, dev);
 996                         if (rt)
 997                                 ip6_del_rt(rt);
 998                 }
 999
1000 out:
1001                 neigh_release(neigh);
1002         }
1003 }
1004
1005 static void ndisc_recv_rs(struct sk_buff *skb)
1006 {
1007         struct rs_msg *rs_msg = (struct rs_msg *)skb_transport_header(skb);
1008         unsigned long ndoptlen = skb->len - sizeof(*rs_msg);
1009         struct neighbour *neigh;
1010         struct inet6_dev *idev;
1011         struct in6_addr *saddr = &ipv6_hdr(skb)->saddr;
1012         struct ndisc_options ndopts;
1013         u8 *lladdr = NULL;
1014
1015         if (skb->len < sizeof(*rs_msg))
1016                 return;
1017
1018         idev = in6_dev_get(skb->dev);
1019         if (!idev) {
1020                 if (net_ratelimit())
1021                         ND_PRINTK1("ICMP6 RS: can't find in6 device\n");
1022                 return;
1023         }
1024
1025         /* Don't accept RS if we're not in router mode */
1026         if (!idev->cnf.forwarding)
1027                 goto out;
1028
1029         /*
1030          * Don't update NCE if src = ::;
1031          * this implies that the source node has no ip address assigned yet.
1032          */
1033         if (ipv6_addr_any(saddr))
1034                 goto out;
1035
1036         /* Parse ND options */
1037         if (!ndisc_parse_options(rs_msg->opt, ndoptlen, &ndopts)) {
1038                 if (net_ratelimit())
1039                         ND_PRINTK2("ICMP6 NS: invalid ND option, ignored\n");
1040                 goto out;
1041         }
1042
1043         if (ndopts.nd_opts_src_lladdr) {
1044                 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1045                                              skb->dev);
1046                 if (!lladdr)
1047                         goto out;
1048         }
1049
1050         neigh = __neigh_lookup(&nd_tbl, saddr, skb->dev, 1);
1051         if (neigh) {
1052                 neigh_update(neigh, lladdr, NUD_STALE,
1053                              NEIGH_UPDATE_F_WEAK_OVERRIDE|
1054                              NEIGH_UPDATE_F_OVERRIDE|
1055                              NEIGH_UPDATE_F_OVERRIDE_ISROUTER);
1056                 neigh_release(neigh);
1057         }
1058 out:
1059         in6_dev_put(idev);
1060 }
1061
1062 static void ndisc_ra_useropt(struct sk_buff *ra, struct nd_opt_hdr *opt)
1063 {
1064         struct icmp6hdr *icmp6h = (struct icmp6hdr *)skb_transport_header(ra);
1065         struct sk_buff *skb;
1066         struct nlmsghdr *nlh;
1067         struct nduseroptmsg *ndmsg;
1068         struct net *net = dev_net(ra->dev);
1069         int err;
1070         int base_size = NLMSG_ALIGN(sizeof(struct nduseroptmsg)
1071                                     + (opt->nd_opt_len << 3));
1072         size_t msg_size = base_size + nla_total_size(sizeof(struct in6_addr));
1073
1074         skb = nlmsg_new(msg_size, GFP_ATOMIC);
1075         if (skb == NULL) {
1076                 err = -ENOBUFS;
1077                 goto errout;
1078         }
1079
1080         nlh = nlmsg_put(skb, 0, 0, RTM_NEWNDUSEROPT, base_size, 0);
1081         if (nlh == NULL) {
1082                 goto nla_put_failure;
1083         }
1084
1085         ndmsg = nlmsg_data(nlh);
1086         ndmsg->nduseropt_family = AF_INET6;
1087         ndmsg->nduseropt_ifindex = ra->dev->ifindex;
1088         ndmsg->nduseropt_icmp_type = icmp6h->icmp6_type;
1089         ndmsg->nduseropt_icmp_code = icmp6h->icmp6_code;
1090         ndmsg->nduseropt_opts_len = opt->nd_opt_len << 3;
1091
1092         memcpy(ndmsg + 1, opt, opt->nd_opt_len << 3);
1093
1094         NLA_PUT(skb, NDUSEROPT_SRCADDR, sizeof(struct in6_addr),
1095                 &ipv6_hdr(ra)->saddr);
1096         nlmsg_end(skb, nlh);
1097
1098         rtnl_notify(skb, net, 0, RTNLGRP_ND_USEROPT, NULL, GFP_ATOMIC);
1099         return;
1100
1101 nla_put_failure:
1102         nlmsg_free(skb);
1103         err = -EMSGSIZE;
1104 errout:
1105         rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);
1106 }
1107
1108 static void ndisc_router_discovery(struct sk_buff *skb)
1109 {
1110         struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
1111         struct neighbour *neigh = NULL;
1112         struct inet6_dev *in6_dev;
1113         struct rt6_info *rt = NULL;
1114         int lifetime;
1115         struct ndisc_options ndopts;
1116         int optlen;
1117         unsigned int pref = 0;
1118
1119         __u8 * opt = (__u8 *)(ra_msg + 1);
1120
1121         optlen = (skb->tail - skb->transport_header) - sizeof(struct ra_msg);
1122
1123         if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1124                 ND_PRINTK2(KERN_WARNING
1125                            "ICMPv6 RA: source address is not link-local.\n");
1126                 return;
1127         }
1128         if (optlen < 0) {
1129                 ND_PRINTK2(KERN_WARNING
1130                            "ICMPv6 RA: packet too short\n");
1131                 return;
1132         }
1133
1134 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1135         if (skb->ndisc_nodetype == NDISC_NODETYPE_HOST) {
1136                 ND_PRINTK2(KERN_WARNING
1137                            "ICMPv6 RA: from host or unauthorized router\n");
1138                 return;
1139         }
1140 #endif
1141
1142         /*
1143          *      set the RA_RECV flag in the interface
1144          */
1145
1146         in6_dev = in6_dev_get(skb->dev);
1147         if (in6_dev == NULL) {
1148                 ND_PRINTK0(KERN_ERR
1149                            "ICMPv6 RA: can't find inet6 device for %s.\n",
1150                            skb->dev->name);
1151                 return;
1152         }
1153
1154         if (!ndisc_parse_options(opt, optlen, &ndopts)) {
1155                 in6_dev_put(in6_dev);
1156                 ND_PRINTK2(KERN_WARNING
1157                            "ICMP6 RA: invalid ND options\n");
1158                 return;
1159         }
1160
1161         /* skip route and link configuration on routers */
1162         if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_ra)
1163                 goto skip_linkparms;
1164
1165 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1166         /* skip link-specific parameters from interior routers */
1167         if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1168                 goto skip_linkparms;
1169 #endif
1170
1171         if (in6_dev->if_flags & IF_RS_SENT) {
1172                 /*
1173                  *      flag that an RA was received after an RS was sent
1174                  *      out on this interface.
1175                  */
1176                 in6_dev->if_flags |= IF_RA_RCVD;
1177         }
1178
1179         /*
1180          * Remember the managed/otherconf flags from most recently
1181          * received RA message (RFC 2462) -- yoshfuji
1182          */
1183         in6_dev->if_flags = (in6_dev->if_flags & ~(IF_RA_MANAGED |
1184                                 IF_RA_OTHERCONF)) |
1185                                 (ra_msg->icmph.icmp6_addrconf_managed ?
1186                                         IF_RA_MANAGED : 0) |
1187                                 (ra_msg->icmph.icmp6_addrconf_other ?
1188                                         IF_RA_OTHERCONF : 0);
1189
1190         if (!in6_dev->cnf.accept_ra_defrtr)
1191                 goto skip_defrtr;
1192
1193         lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
1194
1195 #ifdef CONFIG_IPV6_ROUTER_PREF
1196         pref = ra_msg->icmph.icmp6_router_pref;
1197         /* 10b is handled as if it were 00b (medium) */
1198         if (pref == ICMPV6_ROUTER_PREF_INVALID ||
1199             !in6_dev->cnf.accept_ra_rtr_pref)
1200                 pref = ICMPV6_ROUTER_PREF_MEDIUM;
1201 #endif
1202
1203         rt = rt6_get_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev);
1204
1205         if (rt)
1206                 neigh = rt->rt6i_nexthop;
1207
1208         if (rt && lifetime == 0) {
1209                 neigh_clone(neigh);
1210                 ip6_del_rt(rt);
1211                 rt = NULL;
1212         }
1213
1214         if (rt == NULL && lifetime) {
1215                 ND_PRINTK3(KERN_DEBUG
1216                            "ICMPv6 RA: adding default router.\n");
1217
1218                 rt = rt6_add_dflt_router(&ipv6_hdr(skb)->saddr, skb->dev, pref);
1219                 if (rt == NULL) {
1220                         ND_PRINTK0(KERN_ERR
1221                                    "ICMPv6 RA: %s() failed to add default route.\n",
1222                                    __func__);
1223                         in6_dev_put(in6_dev);
1224                         return;
1225                 }
1226
1227                 neigh = rt->rt6i_nexthop;
1228                 if (neigh == NULL) {
1229                         ND_PRINTK0(KERN_ERR
1230                                    "ICMPv6 RA: %s() got default router without neighbour.\n",
1231                                    __func__);
1232                         dst_release(&rt->u.dst);
1233                         in6_dev_put(in6_dev);
1234                         return;
1235                 }
1236                 neigh->flags |= NTF_ROUTER;
1237         } else if (rt) {
1238                 rt->rt6i_flags = (rt->rt6i_flags & ~RTF_PREF_MASK) | RTF_PREF(pref);
1239         }
1240
1241         if (rt)
1242                 rt->rt6i_expires = jiffies + (HZ * lifetime);
1243
1244         if (ra_msg->icmph.icmp6_hop_limit) {
1245                 in6_dev->cnf.hop_limit = ra_msg->icmph.icmp6_hop_limit;
1246                 if (rt)
1247                         rt->u.dst.metrics[RTAX_HOPLIMIT-1] = ra_msg->icmph.icmp6_hop_limit;
1248         }
1249
1250 skip_defrtr:
1251
1252         /*
1253          *      Update Reachable Time and Retrans Timer
1254          */
1255
1256         if (in6_dev->nd_parms) {
1257                 unsigned long rtime = ntohl(ra_msg->retrans_timer);
1258
1259                 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/HZ) {
1260                         rtime = (rtime*HZ)/1000;
1261                         if (rtime < HZ/10)
1262                                 rtime = HZ/10;
1263                         in6_dev->nd_parms->retrans_time = rtime;
1264                         in6_dev->tstamp = jiffies;
1265                         inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1266                 }
1267
1268                 rtime = ntohl(ra_msg->reachable_time);
1269                 if (rtime && rtime/1000 < MAX_SCHEDULE_TIMEOUT/(3*HZ)) {
1270                         rtime = (rtime*HZ)/1000;
1271
1272                         if (rtime < HZ/10)
1273                                 rtime = HZ/10;
1274
1275                         if (rtime != in6_dev->nd_parms->base_reachable_time) {
1276                                 in6_dev->nd_parms->base_reachable_time = rtime;
1277                                 in6_dev->nd_parms->gc_staletime = 3 * rtime;
1278                                 in6_dev->nd_parms->reachable_time = neigh_rand_reach_time(rtime);
1279                                 in6_dev->tstamp = jiffies;
1280                                 inet6_ifinfo_notify(RTM_NEWLINK, in6_dev);
1281                         }
1282                 }
1283         }
1284
1285 skip_linkparms:
1286
1287         /*
1288          *      Process options.
1289          */
1290
1291         if (!neigh)
1292                 neigh = __neigh_lookup(&nd_tbl, &ipv6_hdr(skb)->saddr,
1293                                        skb->dev, 1);
1294         if (neigh) {
1295                 u8 *lladdr = NULL;
1296                 if (ndopts.nd_opts_src_lladdr) {
1297                         lladdr = ndisc_opt_addr_data(ndopts.nd_opts_src_lladdr,
1298                                                      skb->dev);
1299                         if (!lladdr) {
1300                                 ND_PRINTK2(KERN_WARNING
1301                                            "ICMPv6 RA: invalid link-layer address length\n");
1302                                 goto out;
1303                         }
1304                 }
1305                 neigh_update(neigh, lladdr, NUD_STALE,
1306                              NEIGH_UPDATE_F_WEAK_OVERRIDE|
1307                              NEIGH_UPDATE_F_OVERRIDE|
1308                              NEIGH_UPDATE_F_OVERRIDE_ISROUTER|
1309                              NEIGH_UPDATE_F_ISROUTER);
1310         }
1311
1312         /* skip route and link configuration on routers */
1313         if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_ra)
1314                 goto out;
1315
1316 #ifdef CONFIG_IPV6_ROUTE_INFO
1317         if (in6_dev->cnf.accept_ra_rtr_pref && ndopts.nd_opts_ri) {
1318                 struct nd_opt_hdr *p;
1319                 for (p = ndopts.nd_opts_ri;
1320                      p;
1321                      p = ndisc_next_option(p, ndopts.nd_opts_ri_end)) {
1322                         struct route_info *ri = (struct route_info *)p;
1323 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1324                         if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT &&
1325                             ri->prefix_len == 0)
1326                                 continue;
1327 #endif
1328                         if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
1329                                 continue;
1330                         rt6_route_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3,
1331                                       &ipv6_hdr(skb)->saddr);
1332                 }
1333         }
1334 #endif
1335
1336 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1337         /* skip link-specific ndopts from interior routers */
1338         if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT)
1339                 goto out;
1340 #endif
1341
1342         if (in6_dev->cnf.accept_ra_pinfo && ndopts.nd_opts_pi) {
1343                 struct nd_opt_hdr *p;
1344                 for (p = ndopts.nd_opts_pi;
1345                      p;
1346                      p = ndisc_next_option(p, ndopts.nd_opts_pi_end)) {
1347                         addrconf_prefix_rcv(skb->dev, (u8*)p, (p->nd_opt_len) << 3);
1348                 }
1349         }
1350
1351         if (ndopts.nd_opts_mtu) {
1352                 __be32 n;
1353                 u32 mtu;
1354
1355                 memcpy(&n, ((u8*)(ndopts.nd_opts_mtu+1))+2, sizeof(mtu));
1356                 mtu = ntohl(n);
1357
1358                 if (mtu < IPV6_MIN_MTU || mtu > skb->dev->mtu) {
1359                         ND_PRINTK2(KERN_WARNING
1360                                    "ICMPv6 RA: invalid mtu: %d\n",
1361                                    mtu);
1362                 } else if (in6_dev->cnf.mtu6 != mtu) {
1363                         in6_dev->cnf.mtu6 = mtu;
1364
1365                         if (rt)
1366                                 rt->u.dst.metrics[RTAX_MTU-1] = mtu;
1367
1368                         rt6_mtu_change(skb->dev, mtu);
1369                 }
1370         }
1371
1372         if (ndopts.nd_useropts) {
1373                 struct nd_opt_hdr *p;
1374                 for (p = ndopts.nd_useropts;
1375                      p;
1376                      p = ndisc_next_useropt(p, ndopts.nd_useropts_end)) {
1377                         ndisc_ra_useropt(skb, p);
1378                 }
1379         }
1380
1381         if (ndopts.nd_opts_tgt_lladdr || ndopts.nd_opts_rh) {
1382                 ND_PRINTK2(KERN_WARNING
1383                            "ICMPv6 RA: invalid RA options");
1384         }
1385 out:
1386         if (rt)
1387                 dst_release(&rt->u.dst);
1388         else if (neigh)
1389                 neigh_release(neigh);
1390         in6_dev_put(in6_dev);
1391 }
1392
1393 static void ndisc_redirect_rcv(struct sk_buff *skb)
1394 {
1395         struct inet6_dev *in6_dev;
1396         struct icmp6hdr *icmph;
1397         struct in6_addr *dest;
1398         struct in6_addr *target;        /* new first hop to destination */
1399         struct neighbour *neigh;
1400         int on_link = 0;
1401         struct ndisc_options ndopts;
1402         int optlen;
1403         u8 *lladdr = NULL;
1404
1405 #ifdef CONFIG_IPV6_NDISC_NODETYPE
1406         switch (skb->ndisc_nodetype) {
1407         case NDISC_NODETYPE_HOST:
1408         case NDISC_NODETYPE_NODEFAULT:
1409                 ND_PRINTK2(KERN_WARNING
1410                            "ICMPv6 Redirect: from host or unauthorized router\n");
1411                 return;
1412         }
1413 #endif
1414
1415         if (!(ipv6_addr_type(&ipv6_hdr(skb)->saddr) & IPV6_ADDR_LINKLOCAL)) {
1416                 ND_PRINTK2(KERN_WARNING
1417                            "ICMPv6 Redirect: source address is not link-local.\n");
1418                 return;
1419         }
1420
1421         optlen = skb->tail - skb->transport_header;
1422         optlen -= sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1423
1424         if (optlen < 0) {
1425                 ND_PRINTK2(KERN_WARNING
1426                            "ICMPv6 Redirect: packet too short\n");
1427                 return;
1428         }
1429
1430         icmph = icmp6_hdr(skb);
1431         target = (struct in6_addr *) (icmph + 1);
1432         dest = target + 1;
1433
1434         if (ipv6_addr_is_multicast(dest)) {
1435                 ND_PRINTK2(KERN_WARNING
1436                            "ICMPv6 Redirect: destination address is multicast.\n");
1437                 return;
1438         }
1439
1440         if (ipv6_addr_equal(dest, target)) {
1441                 on_link = 1;
1442         } else if (ipv6_addr_type(target) !=
1443                    (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1444                 ND_PRINTK2(KERN_WARNING
1445                            "ICMPv6 Redirect: target address is not link-local unicast.\n");
1446                 return;
1447         }
1448
1449         in6_dev = in6_dev_get(skb->dev);
1450         if (!in6_dev)
1451                 return;
1452         if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_redirects) {
1453                 in6_dev_put(in6_dev);
1454                 return;
1455         }
1456
1457         /* RFC2461 8.1:
1458          *      The IP source address of the Redirect MUST be the same as the current
1459          *      first-hop router for the specified ICMP Destination Address.
1460          */
1461
1462         if (!ndisc_parse_options((u8*)(dest + 1), optlen, &ndopts)) {
1463                 ND_PRINTK2(KERN_WARNING
1464                            "ICMPv6 Redirect: invalid ND options\n");
1465                 in6_dev_put(in6_dev);
1466                 return;
1467         }
1468         if (ndopts.nd_opts_tgt_lladdr) {
1469                 lladdr = ndisc_opt_addr_data(ndopts.nd_opts_tgt_lladdr,
1470                                              skb->dev);
1471                 if (!lladdr) {
1472                         ND_PRINTK2(KERN_WARNING
1473                                    "ICMPv6 Redirect: invalid link-layer address length\n");
1474                         in6_dev_put(in6_dev);
1475                         return;
1476                 }
1477         }
1478
1479         neigh = __neigh_lookup(&nd_tbl, target, skb->dev, 1);
1480         if (neigh) {
1481                 rt6_redirect(dest, &ipv6_hdr(skb)->daddr,
1482                              &ipv6_hdr(skb)->saddr, neigh, lladdr,
1483                              on_link);
1484                 neigh_release(neigh);
1485         }
1486         in6_dev_put(in6_dev);
1487 }
1488
1489 void ndisc_send_redirect(struct sk_buff *skb, struct neighbour *neigh,
1490                          const struct in6_addr *target)
1491 {
1492         struct net_device *dev = skb->dev;
1493         struct net *net = dev_net(dev);
1494         struct sock *sk = net->ipv6.ndisc_sk;
1495         int len = sizeof(struct icmp6hdr) + 2 * sizeof(struct in6_addr);
1496         struct sk_buff *buff;
1497         struct icmp6hdr *icmph;
1498         struct in6_addr saddr_buf;
1499         struct in6_addr *addrp;
1500         struct rt6_info *rt;
1501         struct dst_entry *dst;
1502         struct inet6_dev *idev;
1503         struct flowi fl;
1504         u8 *opt;
1505         int rd_len;
1506         int err;
1507         u8 ha_buf[MAX_ADDR_LEN], *ha = NULL;
1508
1509         if (ipv6_get_lladdr(dev, &saddr_buf, IFA_F_TENTATIVE)) {
1510                 ND_PRINTK2(KERN_WARNING
1511                            "ICMPv6 Redirect: no link-local address on %s\n",
1512                            dev->name);
1513                 return;
1514         }
1515
1516         if (!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, target) &&
1517             ipv6_addr_type(target) != (IPV6_ADDR_UNICAST|IPV6_ADDR_LINKLOCAL)) {
1518                 ND_PRINTK2(KERN_WARNING
1519                         "ICMPv6 Redirect: target address is not link-local unicast.\n");
1520                 return;
1521         }
1522
1523         icmpv6_flow_init(sk, &fl, NDISC_REDIRECT,
1524                          &saddr_buf, &ipv6_hdr(skb)->saddr, dev->ifindex);
1525
1526         dst = ip6_route_output(net, NULL, &fl);
1527         if (dst == NULL)
1528                 return;
1529
1530         err = xfrm_lookup(net, &dst, &fl, NULL, 0);
1531         if (err)
1532                 return;
1533
1534         rt = (struct rt6_info *) dst;
1535
1536         if (rt->rt6i_flags & RTF_GATEWAY) {
1537                 ND_PRINTK2(KERN_WARNING
1538                            "ICMPv6 Redirect: destination is not a neighbour.\n");
1539                 goto release;
1540         }
1541         if (!xrlim_allow(dst, 1*HZ))
1542                 goto release;
1543
1544         if (dev->addr_len) {
1545                 read_lock_bh(&neigh->lock);
1546                 if (neigh->nud_state & NUD_VALID) {
1547                         memcpy(ha_buf, neigh->ha, dev->addr_len);
1548                         read_unlock_bh(&neigh->lock);
1549                         ha = ha_buf;
1550                         len += ndisc_opt_addr_space(dev);
1551                 } else
1552                         read_unlock_bh(&neigh->lock);
1553         }
1554
1555         rd_len = min_t(unsigned int,
1556                      IPV6_MIN_MTU-sizeof(struct ipv6hdr)-len, skb->len + 8);
1557         rd_len &= ~0x7;
1558         len += rd_len;
1559
1560         buff = sock_alloc_send_skb(sk,
1561                                    (MAX_HEADER + sizeof(struct ipv6hdr) +
1562                                     len + LL_ALLOCATED_SPACE(dev)),
1563                                    1, &err);
1564         if (buff == NULL) {
1565                 ND_PRINTK0(KERN_ERR
1566                            "ICMPv6 Redirect: %s() failed to allocate an skb, err=%d.\n",
1567                            __func__, err);
1568                 goto release;
1569         }
1570
1571         skb_reserve(buff, LL_RESERVED_SPACE(dev));
1572         ip6_nd_hdr(sk, buff, dev, &saddr_buf, &ipv6_hdr(skb)->saddr,
1573                    IPPROTO_ICMPV6, len);
1574
1575         skb_set_transport_header(buff, skb_tail_pointer(buff) - buff->data);
1576         skb_put(buff, len);
1577         icmph = icmp6_hdr(buff);
1578
1579         memset(icmph, 0, sizeof(struct icmp6hdr));
1580         icmph->icmp6_type = NDISC_REDIRECT;
1581
1582         /*
1583          *      copy target and destination addresses
1584          */
1585
1586         addrp = (struct in6_addr *)(icmph + 1);
1587         ipv6_addr_copy(addrp, target);
1588         addrp++;
1589         ipv6_addr_copy(addrp, &ipv6_hdr(skb)->daddr);
1590
1591         opt = (u8*) (addrp + 1);
1592
1593         /*
1594          *      include target_address option
1595          */
1596
1597         if (ha)
1598                 opt = ndisc_fill_addr_option(opt, ND_OPT_TARGET_LL_ADDR, ha,
1599                                              dev->addr_len, dev->type);
1600
1601         /*
1602          *      build redirect option and copy skb over to the new packet.
1603          */
1604
1605         memset(opt, 0, 8);
1606         *(opt++) = ND_OPT_REDIRECT_HDR;
1607         *(opt++) = (rd_len >> 3);
1608         opt += 6;
1609
1610         memcpy(opt, ipv6_hdr(skb), rd_len - 8);
1611
1612         icmph->icmp6_cksum = csum_ipv6_magic(&saddr_buf, &ipv6_hdr(skb)->saddr,
1613                                              len, IPPROTO_ICMPV6,
1614                                              csum_partial(icmph, len, 0));
1615
1616         skb_dst_set(buff, dst);
1617         idev = in6_dev_get(dst->dev);
1618         IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUT, skb->len);
1619         err = NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, buff, NULL, dst->dev,
1620                       dst_output);
1621         if (!err) {
1622                 ICMP6MSGOUT_INC_STATS(net, idev, NDISC_REDIRECT);
1623                 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
1624         }
1625
1626         if (likely(idev != NULL))
1627                 in6_dev_put(idev);
1628         return;
1629
1630 release:
1631         dst_release(dst);
1632 }
1633
1634 static void pndisc_redo(struct sk_buff *skb)
1635 {
1636         ndisc_recv_ns(skb);
1637         kfree_skb(skb);
1638 }
1639
1640 int ndisc_rcv(struct sk_buff *skb)
1641 {
1642         struct nd_msg *msg;
1643
1644         if (!pskb_may_pull(skb, skb->len))
1645                 return 0;
1646
1647         msg = (struct nd_msg *)skb_transport_header(skb);
1648
1649         __skb_push(skb, skb->data - skb_transport_header(skb));
1650
1651         if (ipv6_hdr(skb)->hop_limit != 255) {
1652                 ND_PRINTK2(KERN_WARNING
1653                            "ICMPv6 NDISC: invalid hop-limit: %d\n",
1654                            ipv6_hdr(skb)->hop_limit);
1655                 return 0;
1656         }
1657
1658         if (msg->icmph.icmp6_code != 0) {
1659                 ND_PRINTK2(KERN_WARNING
1660                            "ICMPv6 NDISC: invalid ICMPv6 code: %d\n",
1661                            msg->icmph.icmp6_code);
1662                 return 0;
1663         }
1664
1665         memset(NEIGH_CB(skb), 0, sizeof(struct neighbour_cb));
1666
1667         switch (msg->icmph.icmp6_type) {
1668         case NDISC_NEIGHBOUR_SOLICITATION:
1669                 ndisc_recv_ns(skb);
1670                 break;
1671
1672         case NDISC_NEIGHBOUR_ADVERTISEMENT:
1673                 ndisc_recv_na(skb);
1674                 break;
1675
1676         case NDISC_ROUTER_SOLICITATION:
1677                 ndisc_recv_rs(skb);
1678                 break;
1679
1680         case NDISC_ROUTER_ADVERTISEMENT:
1681                 ndisc_router_discovery(skb);
1682                 break;
1683
1684         case NDISC_REDIRECT:
1685                 ndisc_redirect_rcv(skb);
1686                 break;
1687         }
1688
1689         return 0;
1690 }
1691
1692 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)
1693 {
1694         struct net_device *dev = ptr;
1695         struct net *net = dev_net(dev);
1696
1697         switch (event) {
1698         case NETDEV_CHANGEADDR:
1699                 neigh_changeaddr(&nd_tbl, dev);
1700                 fib6_run_gc(~0UL, net);
1701                 break;
1702         case NETDEV_DOWN:
1703                 neigh_ifdown(&nd_tbl, dev);
1704                 fib6_run_gc(~0UL, net);
1705                 break;
1706         default:
1707                 break;
1708         }
1709
1710         return NOTIFY_DONE;
1711 }
1712
1713 static struct notifier_block ndisc_netdev_notifier = {
1714         .notifier_call = ndisc_netdev_event,
1715 };
1716
1717 #ifdef CONFIG_SYSCTL
1718 static void ndisc_warn_deprecated_sysctl(struct ctl_table *ctl,
1719                                          const char *func, const char *dev_name)
1720 {
1721         static char warncomm[TASK_COMM_LEN];
1722         static int warned;
1723         if (strcmp(warncomm, current->comm) && warned < 5) {
1724                 strcpy(warncomm, current->comm);
1725                 printk(KERN_WARNING
1726                         "process `%s' is using deprecated sysctl (%s) "
1727                         "net.ipv6.neigh.%s.%s; "
1728                         "Use net.ipv6.neigh.%s.%s_ms "
1729                         "instead.\n",
1730                         warncomm, func,
1731                         dev_name, ctl->procname,
1732                         dev_name, ctl->procname);
1733                 warned++;
1734         }
1735 }
1736
1737 int ndisc_ifinfo_sysctl_change(struct ctl_table *ctl, int write, void __user *buffer, size_t *lenp, loff_t *ppos)
1738 {
1739         struct net_device *dev = ctl->extra1;
1740         struct inet6_dev *idev;
1741         int ret;
1742
1743         if ((strcmp(ctl->procname, "retrans_time") == 0) ||
1744             (strcmp(ctl->procname, "base_reachable_time") == 0))
1745                 ndisc_warn_deprecated_sysctl(ctl, "syscall", dev ? dev->name : "default");
1746
1747         if (strcmp(ctl->procname, "retrans_time") == 0)
1748                 ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
1749
1750         else if (strcmp(ctl->procname, "base_reachable_time") == 0)
1751                 ret = proc_dointvec_jiffies(ctl, write,
1752                                             buffer, lenp, ppos);
1753
1754         else if ((strcmp(ctl->procname, "retrans_time_ms") == 0) ||
1755                  (strcmp(ctl->procname, "base_reachable_time_ms") == 0))
1756                 ret = proc_dointvec_ms_jiffies(ctl, write,
1757                                                buffer, lenp, ppos);
1758         else
1759                 ret = -1;
1760
1761         if (write && ret == 0 && dev && (idev = in6_dev_get(dev)) != NULL) {
1762                 if (ctl->data == &idev->nd_parms->base_reachable_time)
1763                         idev->nd_parms->reachable_time = neigh_rand_reach_time(idev->nd_parms->base_reachable_time);
1764                 idev->tstamp = jiffies;
1765                 inet6_ifinfo_notify(RTM_NEWLINK, idev);
1766                 in6_dev_put(idev);
1767         }
1768         return ret;
1769 }
1770
1771
1772 #endif
1773
1774 static int __net_init ndisc_net_init(struct net *net)
1775 {
1776         struct ipv6_pinfo *np;
1777         struct sock *sk;
1778         int err;
1779
1780         err = inet_ctl_sock_create(&sk, PF_INET6,
1781                                    SOCK_RAW, IPPROTO_ICMPV6, net);
1782         if (err < 0) {
1783                 ND_PRINTK0(KERN_ERR
1784                            "ICMPv6 NDISC: Failed to initialize the control socket (err %d).\n",
1785                            err);
1786                 return err;
1787         }
1788
1789         net->ipv6.ndisc_sk = sk;
1790
1791         np = inet6_sk(sk);
1792         np->hop_limit = 255;
1793         /* Do not loopback ndisc messages */
1794         np->mc_loop = 0;
1795
1796         return 0;
1797 }
1798
1799 static void __net_exit ndisc_net_exit(struct net *net)
1800 {
1801         inet_ctl_sock_destroy(net->ipv6.ndisc_sk);
1802 }
1803
1804 static struct pernet_operations ndisc_net_ops = {
1805         .init = ndisc_net_init,
1806         .exit = ndisc_net_exit,
1807 };
1808
1809 int __init ndisc_init(void)
1810 {
1811         int err;
1812
1813         err = register_pernet_subsys(&ndisc_net_ops);
1814         if (err)
1815                 return err;
1816         /*
1817          * Initialize the neighbour table
1818          */
1819         neigh_table_init(&nd_tbl);
1820
1821 #ifdef CONFIG_SYSCTL
1822         err = neigh_sysctl_register(NULL, &nd_tbl.parms, "ipv6",
1823                                     &ndisc_ifinfo_sysctl_change);
1824         if (err)
1825                 goto out_unregister_pernet;
1826 #endif
1827         err = register_netdevice_notifier(&ndisc_netdev_notifier);
1828         if (err)
1829                 goto out_unregister_sysctl;
1830 out:
1831         return err;
1832
1833 out_unregister_sysctl:
1834 #ifdef CONFIG_SYSCTL
1835         neigh_sysctl_unregister(&nd_tbl.parms);
1836 out_unregister_pernet:
1837 #endif
1838         unregister_pernet_subsys(&ndisc_net_ops);
1839         goto out;
1840 }
1841
1842 void ndisc_cleanup(void)
1843 {
1844         unregister_netdevice_notifier(&ndisc_netdev_notifier);
1845 #ifdef CONFIG_SYSCTL
1846         neigh_sysctl_unregister(&nd_tbl.parms);
1847 #endif
1848         neigh_table_clear(&nd_tbl);
1849         unregister_pernet_subsys(&ndisc_net_ops);
1850 }